#!/bin/bash
Install_vsftpd(){
yum install pam -y
yum install pam-devel -y
yum install db4-utils -y
yum install db4 -y
yum list vsftpd -y
yum install vsftpd -y

if vsftpd -v;then
	    echo "已成功安装vsftpd"
    else
	        echo "未安装成功vsftpd，即将退出后面的操作"
	fi

	#添加映射的用户
	chattr -i /etc/passwd /etc/shadow /etc/group /etc/gshadow
	id ftp123 || useradd -d /home/ftp123 -s /sbin/nologin ftp123
	chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow

	#备份原配置文件，避免操作错误导致vsftp无法使用
	[ -f /etc/vsftpd/vsftpd.conf ] && cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak

	#创建虚拟用户
cat > /etc/vsftpd/vsuser << EOF
admin
666666
upload
666666
download
666666
EOF


#vsftpd的主配置文件
cat > /etc/vsftpd/vsftpd.conf << EOF
anonymous_enable=NO
local_enable=YES
write_enable=NO
allow_writeable_chroot=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chown_uploads=NO
xferlog_std_format=YES
chroot_local_user=YES
chroot_list_enable=NO
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
nopriv_user=ftp123
async_abor_enable=YES
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to blah FTP service ^_^
ls_recurse_enable=NO
listen=YES
local_root=/home/ftp123
guest_enable=YES
guest_username=ftp123
virtual_use_local_privs=YES
user_config_dir=/etc/vsftpd/conf
EOF

#将明文文件翻译成密文
[ -f /etc/vsftpd/vsuser ] && db_load -T -t hash -f /etc/vsftpd/vsuser /etc/vsftpd/vsuser.db


#配置认证:（把之前的那些认证注释掉，才能登陆到ftp服务器）
[ -f /etc/pam.d/vsftpd ] && cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup
cat > /etc/pam.d/vsftpd << EOF
#%PAM-1.0
auth       sufficient     /lib64/security/pam_userdb.so   db=/etc/vsftpd/vsuser
account    sufficient     /lib64/security/pam_userdb.so   db=/etc/vsftpd/vsuser
EOF


mkdir /etc/vsftpd/conf

cat >> /etc/vsftpd/conf/admin << EOF
write_enable=YES
download_enable=YES
EOF

cat >> /etc/vsftpd/conf/upload << eof
virtual_use_local_privs=NO
anon_world_readable_only=NO
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
eof

#最后是download用户
echo "anon_world_readable_only=NO" > /etc/vsftpd/conf/download

#然后就是启动vsftpd服务
# service vsftpd restart
systemctl start  vsftpd
systemctl status  vsftpd
}
